home *** CD-ROM | disk | FTP | other *** search
-
- Configuring and Performing LPScan
- LPSCAN.EXE is an on-demand scan that detects viruses residing on
- workstation local drives and deletes or cleans the files that contain
- viruses. When LPSCAN.EXE finds a virus, you can delete it and
- restore the unblemished original or clean it. A password is required to
- scan and clean viruses from files on network drives with LPScan. The
- default password is LPCLEAN and it is not case sensitive.
-
- LPSCAN.EXE is a DOS executable file and can only be executed from
- a DOS workstation. However, the scan draws upon the LANProtect
- virus pattern file, located in the LANProtect directory on the file
- server, to detect viruses. Therefore, you must be logged in to the
- server and have LANProtect loaded when you run LPSCAN.EXE.
-
- LPScan Command Line Options
- LPSCAN.EXE has several options (listed below) that can be entered
- from the command line. LPSCAN.EXE displays most of these options
- when you run it with the /? option or when an invalid option or
- parameter is used.
- Option Description
- Drive:[path[filename]] This parameter is required in order for
- LPSCAN.EXE to know where and what to
- scan.
- /A Specifies all the files in the current directory
- on the specified drive, instead of using *.*.
- /D Deletes the infected file after prompting for
- confirmation on each virus found. The
- process overwrites and deletes the file.
- /L= Records all the events with the current scan
- to the specified file. If the file name is not
- specified, an auto-incrementing file name
- (WS$*.*) is opened and written to the
- current directory.
- /M Scans memory only.
- /NB Cancels scanning of the boot and partition
- area of the boot disk.
- /NC Cancels the cleaning option prompts (Clean
- and Leave Alone) when LPSCAN.EXE is
- run.
- /NM Cancels scanning of the workstations
- memory. You should verify that memory is
- clean before using this option.
- /NS Cancels scanning of subdirectories below the
- current directories of the specified drive(s).
- /RP Restores the original partition table if
- LPScan was not able to clean it correctly.
- /V Scan all local volumes (both floppy and hard
- disks).
- /W Requires users without supervisory rights to
- enter a password in order to scan network
- drives. The default password is LPCLEAN.
- To run LPSCAN.EXE immediately when a user logs in:
- 1. Enter the LPSCAN.EXE scan parameters in the system login script.
- For example:
- IF HOUR < 10 THEN BEGIN
- # LPSCAN.EXE /V
- END
- The first line of the script stops LPSCAN.EXE from scanning after
- 10 A.M.. Users logging in or relogging in after 10 A.M. will not
- have their local disks scanned with LPSCAN.EXE.
- Note: Pressing <Esc> during the scan will abort the scan.
- To scan and clean files with LPSCAN.EXE:
- 1. Login to the network at the workstation whose local drives you want
- to scan.
- Note: If you think you have a boot sector virus, the recommended approach
- is to back up the partition table before scanning the hard disk.
- 2. Go to the directory where LANProtect is installed or map a drive to
- the directory where LANProtect is installed.
- 3. Run LPSCAN.EXE with the appropriate options. For example:
- J:\LPROTECT>LPSCAN /A
- LPSCAN.EXE cleans the infected files unless the parameter /NC is
- used to stop the cleaning. You will receive notification if a virus
- is found. You will be prompted to either clean the virus or will
- receive notification if the file cannot be cleaned. When cleaning
- is complete, data on the cleaning will be added to the LANProtect
- log file.
- Note: Any damage done to the files by the virus cannot be repaired by
- LPScan.
- To clean infected network files:
- 1. Select Virus Utilities/Exception Lists/Exception File.
- 2. Press <Ins> to add the new exception file.
- 3. Enter the infected files to be cleaned on the Exception File list.
- 4. Go to the directory where the infected file is.
- 5. Run LPSCAN.EXE and specify the full path to the directory where
- the file resides.
- LPScan scans and cleans the network files.
- If you are aware of a virus that is not on the LANProtect virus
- pattern list, upgrade to the latest pattern file. If you have the latest
- update, call Intel customer support to report the virus.
-
- Cleaning Boot Sector Viruses
- In the event that LANProtect finds a boot sector virus on a hard or
- floppy disk, it will attempt to clean the boot sector by replacing it with
- a generic boot sector. Depending on the virus, the partition table may
- not be able to be restored during the cleaning of the boot sector.
- Follow the instructions below to restore the partition table and purge
- the virus from your hard disk.
- To restore the partition table and remove the virus:
- 1. Run LPScan with the /RP option.
- 2. Reboot from a clean bootable diskette.
- 3. Backup all files on your hard disk.
- 4. Reformat the hard disk with a low-level format.
- 5. Scan all the floppy disks that you used to backup the files on your
- hard disk.
- Scanning the backed-up files will help you know which files are
- currently infected. Clean or delete the files that are infected so
- that you do not re-infect your hard disk.
-
- LPSCAN.EXE DOS Error Levels
- There are several DOS errors that LPSCAN.EXE returns if a virus is
- found or if an error was made in executing LPSCAN.EXE. The
- following table lists the DOS errors and what they mean. If more than
- one error occurred, the sum of the errors will indicate which errors
- occurred.
- DOS Error Error Encountered
- 0 No Error
- 1 Error in the command line option.
- 2 LPSCAN.EXE was unable to locate a valid
- Virus Pattern File. Map a drive to the
- server that LANProtect was installed on.
- 4 A virus was found in the computer■s
- memory. Remove it by turning the machine
- off and then boot from a clean diskette.
- 8 A boot sector or file virus was found on the
- drive that was scanned. Review the scan
- report to find out which file was infected.
- 16 LANProtect was unable to locate the
- specified drive.
- 32 LPScan was aborted by the user pressing
- <Esc>. A message saying that the user
- broke the scan is recored in LPLOG.RPT.
- Refer to the SAMPLE.BAT file on
- LANProtect■s distribution diskette for
- information on how to use the error
- levels.
- �PCScan
- PCScan scans executed files only at the workstation level. It does not
- scan data files or files copied from one directory to another via the
- DOS copy command. PCScan can be loaded upon bootup of the
- workstation and remains in base memory at the workstation. It can be
- loaeded into either base memory or high memory. When files are
- executed, PCScan scans them, drawing upon the pattern file of
- LANProtect which is located at the file server. However, if the
- LANProtect NLM is not loaded or the Real Time File scan is turned
- off, PCScan cannot scan executed files at the workstation.
- There are two ways to execute PCScan; from the login script or from a
- batch file. Executing PCScan from the login script has some
- disadvantages, however. If it is executed as part of the login script, it
- may fragment the base memory. Typically, TSRs loaded from within
- login scripts can fragment base memory. When you load the TSR
- from the login script, it will locate itself in the lowest available spot in
- base memory unless you load it into high memory.
- PCScan can be loaded from a batch file either before or after the user
- logs in. If PCScan is loaded before the user logs in, the entire
- LANProtect program must be installed in a subdirectory of the login
- directory. If PCScan is executed after the user logs in, it may never be
- executed if the login script exits to a menu.
- To load PCScan from the login script:
- 1. Enter NetWare■s system login script in SYSCON.
- 2. Enter a command line for PCScan. For example:
- # [PATH] PCSCAN.COM
- To load PCScan from a batch file before the user logs in:
- 1. Create a subdirectory in the login directory.
- 2. Install the entire LANProtect program into that directory.
- 3. Type PCSCAN.COM after the NETX line and before the login
- command in the AUTOEXEC.BAT file.
- To load PCScan from a batch file after the user logs in:
- 1. Put the PCScan command after the login command in the
- AUTOEXEC.BAT file.�MacScan
- MacScan is similar to LPScan because it scans the files on the local
- drives of the Macintosh. It also has the capability of scanning network
- drives. However, it cannot clean the files. Options for the MacScan
- are listed on the Selection Screen. Click on the appropriate buttons or
- boxes to make file selections.
-
- Item Description
- List of Directories Open the volume, directory, or folder whose
- folders or files you want to appear in the file
- selection list box.
- Scan Selected Item Scan the selected item.
- Create Scan Report Place an ■X■ in the check box to generate a
- report upon completion of the scan. Each
- time you run the MacScan, a report is
- appended to the previous reports. The
- report is stored in the MacScan application
- directory and can be formatted and printed
- in another Macintosh application. The
- report is also appended in the LPLOG
- directory under the LANProtect directory in
- DOS.
- Eject Ejects a disk from the floppy disk drive.
- Desktop Places items on the desktop into the selection
- list box.
- Open Opens the directory or folder highlighted in
- the list box.
- Cancel Returns you to the main screen.
- If you have System 7.0 on your
- Macintosh, you can make an alias of the
- MacScan. The MacScan can then be
- automatically launched at bootup if the
- MacScan alias is placed in the ■start-up
- items folder■ of the Macintosh. When
- users log in to the server, they can
- double click on the alias and scan their
- Macintoshes.
- To make an alias of MacScan:
- 1. Select the MacScan application from the desktop folder.
- 2. Copy MacScan to a file server you are logged in to.
- 3. Highlight MacScan on the server directory.
- 4. Select Make Alias from the pull-down File menu.
- 5. Copy the alias to the local workstation.
- The MacScan alias appears on the desktop.
-
- To scan Macintosh files:
- 1. Login to the network at the workstation you want to scan.
- 2. Double click the MacScan alias or go to the directory where the
- MacScan application is stored and select it.
- The MacScan program appears.
-
- 3. Click Scan.
- The Selection screen appears.
- 4. Click on the field with the down arrow to begin the selection process.
- 5. Release the mouse button on the file or directory you want to scan.
- 6. Click Open to open the directory to select a specific file for scanning.
- 7. Click Scan Selected Item to scan the file or directory you highlighted.
- The program reverts to the first screen you saw and lists each file
- as it is scanned. If there is a virus, LANProtect displays the virus
- name. To stop the scan before it is finished, click Stop.
-
- If LANProtect finds a virus, a message appears stating the name of
- the virus and asks, ■Do you want to delete the file?■
-
- You can select either No, Delete, or Abort. The following table
- describes the options.
- Option Description
- No The file is left alone.
- Delete Deletes the file from the local disk. The file
- is no longer accessible.
- Abort Aborts MacScan. The initial program
- screen appears.
- 8. Click Quit to exit MacScan.
-
- MacScan Reports
- The MacScan application includes a reporting utility for generating
- reports each time you run MacScan. As reports are generated, they
- will append to the previous reports. Report are stored in the MacScan
- application directory and can be formatted and printed from another
- Macintosh application. They also append to the LPLOG.RPT file in
- the LPROTECT/LPLOG directory with reports generated by LPScan
- and can be viewed and edited in the DOS Editor. Note that path
- conventions for Macintosh files differ from DOS path conventions.
- To generate a report about the scan:
- 1. Click the Create Scan Report check box so an ■X■ appears in the
- box.
- 2. Run MacScan.
- A report is generated.
- 3. View the report in another Macintosh application or in the
- LPLOG.RPT file.�
